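/// <summary>
/// CR119-08
/// Saves the contact and address objects extracted from the card personalization object so they can be
/// used later to populate the anonymous user's data.
/// </summary>
/// <remarks>
/// The contact id travels in the "PersonalizedContact" cookie, which is client-controlled input.
/// A value that does not decrypt to an integer, or that resolves to no contact, is treated like a
/// missing cookie: a new contact is created instead of the request failing with an unhandled exception.
/// NOTE(review): the value is encrypted with URLLocalizationManager.PublicKey and decrypted with
/// URLLocalizationManager.PrivateKey. Nothing visible here authenticates the value or ties it to the
/// current session, and the update path below writes personalization data onto whichever contact the
/// id resolves to. Confirm that the encrypting key is not obtainable by clients, or bind the id to the
/// session / add an integrity check.
/// </remarks>
public void SavePersonalizedContact()
{
    OnlineAccountsManager lOnlineAccMgr = new OnlineAccountsManager();
    Contact lTargetContact = null;

    HttpCookie lIncomingCookie = HttpContext.Current.Request.Cookies["PersonalizedContact"];
    if (lIncomingCookie != null)
    {
        //modified by Rabie @ 29 Oct 2013
        // decrypting "PersonalizedContact" cookie value as part of accepted work-around to "persistent cookie issue" in SND 4.0 security issues report
        // NOTE(review): how DecryptData behaves on a malformed value is not visible here - confirm it cannot throw on tampered input.
        var lPersonalizedContactID = EncryptionDecryptionManager.DecryptData(lIncomingCookie.Value, URLLocalizationManager.PrivateKey);

        // The decrypted text is still untrusted; int.Parse would throw on anything that is not a number.
        int lContactId;
        if (int.TryParse(lPersonalizedContactID, out lContactId))
        {
            lTargetContact = lOnlineAccMgr.GetContact(lContactId, "Addresses");
        }
    }

    if (lTargetContact != null)
    {
        // Known contact: refresh it and its first address from the personalization data.
        ConvertPersonalizationDataToContact(NavigationState.SB_Card.SB_CardPersonalizedInfo, lTargetContact);
        lOnlineAccMgr.UpdateContact(lTargetContact);

        var lFirstAddress = lTargetContact.Addresses.FirstOrDefault();
        if (lFirstAddress != null)
        {
            lOnlineAccMgr.UpdateAddress(lFirstAddress);
        }
    }
    else
    {
        // No cookie, or a cookie that does not identify a contact: start a new contact.
        lTargetContact = new Contact();
        ConvertPersonalizationDataToContact(NavigationState.SB_Card.SB_CardPersonalizedInfo, lTargetContact);
        lOnlineAccMgr.CreateContact(lTargetContact);
    }

    //modified by Rabie @ 29 Oct 2013
    // encrypting/decrypting "PersonalizedContact" cookie value as accepted work-around to "persistent cookie issue" in SND 4.0 security issues report
    var lPersonalizedContactCookie = new HttpCookie("PersonalizedContact", EncryptionDecryptionManager.EncryptData(lTargetContact.Contact_ID.ToString(), URLLocalizationManager.PublicKey));
    lPersonalizedContactCookie.Expires = DateTime.Now.AddDays(1);
    // Keep the cookie away from script and off plain-HTTP connections.
    lPersonalizedContactCookie.HttpOnly = true;
    lPersonalizedContactCookie.Secure = true;
    HttpContext.Current.Response.Cookies.Add(lPersonalizedContactCookie);
}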
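/// <summary>
/// Handles the submit button: re-checks the logged-in user's password and the user type's access to the
/// "Clearing" screen, then marks the entered collection as a special edit.
/// </summary>
/// <remarks>
/// Every refusal path shows the failure popup. Previously a wrong password or missing permission returned
/// silently, and an expired session or non-numeric collection id surfaced as an unhandled exception.
/// </remarks>
/// <param name="sender">Control that raised the click event.</param>
/// <param name="e">Image click event data; not used.</param>
protected void btnSubmit_Click(object sender, ImageClickEventArgs e)
{
    const string accessDeniedMessage = "Data can not save. Invalid User Id or Password or you don't have access.";
    const string invalidCollectionMessage = "Data can not save. Invalid Collection Id.";

    if (_bilCollectionManager.IsSpeacialEntryExist(txtCollectionId.Text))
    {
        // Unchanged from the original: an existing special entry is reported with the generic failure text.
        ShowPopup(true, true, accessDeniedMessage); //Show Messege
        return;
    }

    _bilCollectionManager = new BillCollectionManager();
    AuthenticationManager authenticationManger = new AuthenticationManager();
    EncryptionDecryptionManager encryptionDecriptionManager = new EncryptionDecryptionManager();
    authenticationManger.ConnectionString = MtbBillCollection.WebConfigManager.GetCollDBConnString();

    // An expired or incomplete session is an authorization failure, not a NullReferenceException.
    string userId = Session[MtbBillCollection.Global.Definitions.SessionVariable.Value.UserId] as string;
    object userTypeId = Session["userTypeId"];
    if (userId == null || userTypeId == null)
    {
        ShowPopup(true, true, accessDeniedMessage);
        return;
    }

    // NOTE(review): the second argument is an all-zero byte array as long as the password, so it is
    // predictable and identical for every password of the same length. If ComputeHash uses it as a salt,
    // stored hashes are effectively unsalted. Left unchanged because altering it would invalidate the
    // stored values; plan a migration to a per-user random salt with a slow password hash.
    string password = txtPassword.Text;
    password = encryptionDecriptionManager.ComputeHash(password, new byte[password.Length]);

    bool isAuthorised = authenticationManger.IsActiveUser(userId, password)
        && MtbBillCollection.Utility.Screen.IsUserPermitedToAccessScreen(Convert.ToInt32(userTypeId.ToString()), "Clearing");
    if (!isAuthorised)
    {
        // The original showed nothing here, leaving a failed re-authentication without feedback.
        ShowPopup(true, true, accessDeniedMessage);
        return;
    }

    // The collection id is user input; validate it before it is used as a number.
    int collectionId;
    if (!int.TryParse(txtCollectionId.Text, out collectionId))
    {
        ShowPopup(true, true, invalidCollectionMessage);
        return;
    }

    _collectionId = txtCollectionId.Text;
    BillCollectionInfo billCollInfo = _bilCollectionManager.GetCollectionInformtion(_collectionId);
    if (billCollInfo == null)
    {
        ShowPopup(true, true, invalidCollectionMessage);
        return;
    }

    billCollInfo.ColectionId = collectionId;

    // "HH" gives a 24-hour clock. The original "hh" wrote 12-hour times with no AM/PM marker, so afternoon
    // edits were recorded as morning ones in this audit entry. Invariant culture keeps the format stable
    // across server locales.
    // NOTE(review): txtReason.Text is free text from the user; confirm MarkAsSpeacialEdit binds it as a
    // query parameter rather than concatenating it.
    string editedAt = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture);
    _bilCollectionManager.MarkAsSpeacialEdit(billCollInfo.ColectionId, billCollInfo.BranchCode, userId, editedAt, txtReason.Text);

    // The status is only set on the in-memory object; the persisting call is disabled in the original.
    billCollInfo.CollStatus = MtbBillCollection.Global.Definitions.CollectionStatus.Value.SpeacialEdit;
    ShowPopup(true, false, "");
    //_bilCollectionManager.UpdateCollectionInformation(billCollInfo);
}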